<?php
    /**
    * Profile Save Action
    */
    if (!defined('EXPONENT')) exit('');
    if (exponent_users_isAdmin() ||  exponent_permissions_check(array("administrate"),exponent_core_makeLocation("profilemodule","_syscore","")))
    {
        $profile=null;
        $error=0;
        if (isset($_REQUEST['id']))
        {
            $profile=$db->selectObject('profilemodule_profile','id='.intval($_REQUEST['id']));
        }   
        if(isset($_POST['user_id']))
        $profile->user_id=intval($_POST['user_id']); 
        else
        $error++;       
        $profile->firstname=$_POST['firstname'];
        $profile->lastname=$_POST['lastname'];
        $profile->company_name=$_POST['companyname'];
        $profile->tc_identity=$_POST['identity'];
        $profile->email=$_POST['email'];
        $profile->website=$_POST['website'];
        $profile->address=$_POST['address'];
        $profile->tel1=$_POST['tel1'];
        $profile->tel2=$_POST['tel2'];
        $profile->skype=$_POST['skypename'];
        $profile->fax=$_POST['fax'];
        $profile->tax_number=$_POST['tax_number'];
        $profile->tax_office=$_POST['tax_office'];
        $profile->city=$_POST['city'];
        $profile->country=$_POST['country'];
        $profile->postcode=$_POST['postcode'];

        if (isset($profile->id)) {
            $db->updateObject($profile,'profilemodule_profile');
            echo "OK";
        } else 
        {
            //Check client id
                $client_id=intval($_REQUEST['client_id']);   
            $check=$db->selectObject('profilemodule_profile','client_id='.$client_id);
            if(!$check &&$client_id>0&&$error==0)
            {//No duplicate
                $profile->client_id=$client_id;
                $profile->id = $db->insertObject($profile,'profilemodule_profile');
                echo "OK";
            }
            else
            {
                echo "Duplicate"; 
            }
        }

    }
    else
        exponent_http_error(403);

?>
